org.ssonet.net
Class KeyExchange

java.lang.Object
  |
  +--org.ssonet.net.KeyExchange

public class KeyExchange
extends java.lang.Object

This class implements protocols for secure exchange of keys and certificates. For each transaction the server creates an instance of this class in SSONETServerClientSocket, and the client creates an instance of this class in SSONETClientSocket.


Field Summary
 org.ssonet.net.SSONETContext context
 static boolean debug
 static boolean debugProfiling
 
Constructor Summary
KeyExchange(org.ssonet.io.IOStream ioStream, org.ssonet.net.SSONETContext context, boolean isServer)
          Initializes a keyExchange object.
 
Method Summary
 java.security.PublicKey getPartnerMechanismCertificate()
          Key exchange protocol for asymmetric algorithms: gets a certificate from the communication partner, encrypted with the receiver's own public cipher key, decrypts it, and checks it against the signature certificate (root certificate) of the partner.
 java.security.Key getSessionKey(java.lang.String mechanismName, java.lang.String provider)
          Key exchange protocol for symmetric algorithms where the key size is fixed and therefore need not be given.
 java.security.Key getSessionKey(java.lang.String mechanismName, java.lang.String provider, int keyLength)
          Key exchange protocol for symmetric algorithms.
 void sendOwnMechanismCertificate(java.security.cert.X509Certificate ownMechanismCertificate)
          Key exchange protocol for asymmetric algorithms: sends a certificate to the communication partner, encrypted with the partner's public encryption key.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

debug

public static boolean debug

debugProfiling

public static boolean debugProfiling

context

public org.ssonet.net.SSONETContext context
Constructor Detail

KeyExchange

public KeyExchange(org.ssonet.io.IOStream ioStream,
                   org.ssonet.net.SSONETContext context,
                   boolean isServer)
            throws SSONETCertificateNotValidException,
                   java.io.IOException
Initializes a KeyExchange object. During initialization, signature certificates and cipher certificates are exchanged between client and server and checked. For the signature certificates (the root certificates of the partners), the CertificateListener instances registered with this context are called.

Certificates are only exchanged once per connection (at the start). If the context already holds a partner's certificate, no certificates are exchanged.

Parameters:
ioStream - the IOStream used by this object to communicate with the partner
context - the SSONETContext, which holds all data needed to set up a connection
isServer - true if the protocol is used by a server, false if it is used by a client
Throws:
SSONETCertificateNotValidException - if the partner certificate is not valid
java.io.IOException - if something else goes wrong, e.g. the connection is aborted
Method Detail

sendOwnMechanismCertificate

public void sendOwnMechanismCertificate(java.security.cert.X509Certificate ownMechanismCertificate)
                                 throws java.io.IOException
Key exchange protocol for asymmetric algorithms: sends a certificate to the communication partner, encrypted with the partner's public encryption key.

Parameters:
ownMechanismCertificate - the certificate to send
Throws:
java.io.IOException - if sending was not successful

getPartnerMechanismCertificate

public java.security.PublicKey getPartnerMechanismCertificate()
                                                       throws java.io.IOException
Key exchange protocol for asymmetric algorithms: gets a certificate from the communication partner, encrypted with the receiver's own public cipher key, decrypts it, and checks it against the signature certificate (root certificate) of the partner.

Returns:
the communication partner's public mechanism key
Throws:
java.io.IOException - if something went wrong while receiving the partner's mechanism certificate, or the certificate is invalid

getSessionKey

public java.security.Key getSessionKey(java.lang.String mechanismName,
                                       java.lang.String provider)
                                throws java.io.IOException,
                                       java.security.NoSuchProviderException,
                                       java.security.NoSuchAlgorithmException
Key exchange protocol for symmetric algorithms where the key size is fixed and therefore need not be given.

Parameters:
mechanismName - name of the algorithm for key generation
provider - provider of the key generator
Returns:
the exchanged session key
Throws:
java.io.IOException - if an error occurs while exchanging the key
java.security.NoSuchProviderException - if the given provider is invalid
java.security.NoSuchAlgorithmException - if the given mechanismName is invalid

getSessionKey

public java.security.Key getSessionKey(java.lang.String mechanismName,
                                       java.lang.String provider,
                                       int keyLength)
                                throws java.io.IOException,
                                       java.security.NoSuchProviderException,
                                       java.security.NoSuchAlgorithmException
Key exchange protocol for symmetric algorithms:
- Client creates a session key, signs it, and encrypts the session key together with the signature
- Server decrypts the message, verifies the signature, and extracts the session key

Parameters:
mechanismName - session key mechanism name
provider - the provider of the key generator
keyLength - session key length; if it is < 0, the standard key length of the given algorithm is used
Returns:
the exchanged session key
Throws:
java.io.IOException - if an error occurs while exchanging the key
java.security.NoSuchProviderException - if the given provider is invalid
java.security.NoSuchAlgorithmException - if the given mechanismName is invalid
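The sign-then-encrypt session key exchange described above, written out with the standard Java security APIs as an added example; it is not SSONET's own code, and the class name, the one-byte length prefix in the message layout, ECDSA for the client's signing key and RSA-OAEP for the server's cipher key are assumptions made for this illustration.

```java
import java.nio.ByteBuffer;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
public class SessionKeyExchangeDemo {
  static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
  // Client side: create the session key, sign it, encrypt key and signature for the server.
  static byte[] clientSendSessionKey(String mechanismName, int keyLength,
      PrivateKey clientSignKey, PublicKey serverCipherKey) throws GeneralSecurityException {
    KeyGenerator kg = KeyGenerator.getInstance(mechanismName);
    if (keyLength > 0) kg.init(keyLength);  // negative: default key length of the algorithm
    byte[] keyBytes = kg.generateKey().getEncoded();
    Signature sig = Signature.getInstance("SHA256withECDSA");
    sig.initSign(clientSignKey);
    sig.update(keyBytes);
    byte[] signature = sig.sign();
    // Message layout (constructed for this example, not SSONET's wire format): [keyLen][key][signature]
    byte[] msg = ByteBuffer.allocate(1 + keyBytes.length + signature.length)
        .put((byte) keyBytes.length).put(keyBytes).put(signature).array();
    Cipher rsa = Cipher.getInstance(WRAP);
    rsa.init(Cipher.ENCRYPT_MODE, serverCipherKey);
    return rsa.doFinal(msg);
  }
  // Server side: decrypt, verify the signature with the client's signing key, extract the key.
  static SecretKey serverReceiveSessionKey(byte[] ciphertext, String mechanismName,
      PrivateKey serverCipherKey, PublicKey clientSignKey) throws GeneralSecurityException {
    Cipher rsa = Cipher.getInstance(WRAP);
    rsa.init(Cipher.DECRYPT_MODE, serverCipherKey);
    byte[] msg = rsa.doFinal(ciphertext);
    int keyLen = msg[0] & 0xff;
    byte[] keyBytes = Arrays.copyOfRange(msg, 1, 1 + keyLen);
    byte[] signature = Arrays.copyOfRange(msg, 1 + keyLen, msg.length);
    Signature sig = Signature.getInstance("SHA256withECDSA");
    sig.initVerify(clientSignKey);
    sig.update(keyBytes);
    if (!sig.verify(signature)) throw new SignatureException("session key signature invalid");
    return new SecretKeySpec(keyBytes, mechanismName);
  }
  public static void main(String[] args) throws Exception {
    KeyPair clientSign = KeyPairGenerator.getInstance("EC").generateKeyPair();
    KeyPairGenerator rsaGen = KeyPairGenerator.getInstance("RSA");
    rsaGen.initialize(2048);
    KeyPair serverCipher = rsaGen.generateKeyPair();
    byte[] wire = clientSendSessionKey("AES", 128, clientSign.getPrivate(), serverCipher.getPublic());
    SecretKey k = serverReceiveSessionKey(wire, "AES", serverCipher.getPrivate(), clientSign.getPublic());
    System.out.println("exchanged " + k.getAlgorithm() + " key of " + k.getEncoded().length * 8 + " bits");
  }
}
```

In the real class the public keys on both sides come from the mechanism certificates exchanged in the constructor and via sendOwnMechanismCertificate/getPartnerMechanismCertificate, so a signature that fails to verify means the session key was not produced by the certified partner and must be rejected.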


Copyright © 2003 DRIM Team. All Rights Reserved.